What is Snort? Bonus: How to Write Snort Rules!

Snort is an open-source, signature-based Network-based Intrusion Detection System (NIDS). Actually, Snort is much more than just a NIDS because it also acts as a packet analyzer and a Network-based Intrusion Prevention System (NIPS). Snort was originally developed to be a packet analyzer, and with such sniffing capabilities, it can be used to detect intrusions on... Continue Reading →

Intrusion Detection and Prevention Systems

The process of intrusion detection involves the monitoring of systems or networks for any signs and occurrences of events or incidents deemed either suspicious or in violation of an organization's security policy or rule set. An "Intrusion Detection System (IDS)" is a hardware appliance or software that has the ability to detect signs of... Continue Reading →

Identifying Network-Related Symptoms of Cyberattacks

Let's assume you have the architecture of your network already established, but you'd like to be able to detect any signs of malicious traffic traversing in and out of your network. One of the things you might want to consider is placing sensors in strategic locations of your network. Intrusion Detection Systems (IDSs) and Intrusion Prevention... Continue Reading →

Breaking HTTPS with a Proxy

I have previously discussed other ways to decrypt HTTPS traffic, such as sslstrip and key logging, but let's discuss another way. When you link to a Web site, you're hopefully using HTTPS and not HTTP. Our Web traffic used to be encrypted using Netscape's "Secure Sockets Layer version 3 (SSLv3)"; however, due to some inherent... Continue Reading →

Tips for Securing Your Network

Before I begin, let's address two obvious questions. Number one, what kind of network are we talking about here? I'm referring to a large or enterprise network. However, you can implement some of these security solutions on your home or SOHO network. Well, maybe you wouldn't want a network access enterprise server at your home.... Continue Reading →

Switch Security

I've made several posts about switches, how they function, and the amazing features they possess, but now it's time to talk about their security. Let's start with switching loops. Switching Loops and STP/RSTP In some cases, a network can develop a "switching loop," sometimes called a "bridging loop." In networks with a lot of switches,... Continue Reading →

